We found ‘rwin.exe’ is created under C$ of the target server when password changing by ‘Windows Remote’.
But it is not always created, sometimes there is no rwin.exe though eventually the password change is done correctly.
Why rwin.exe is not always created?
How the password change happens even when rwin.exe is not placed?
CA Privileged Access Manager 3.x